Mercurial > hg > nginx-ranges
comparison src/event/ngx_event_openssl.c @ 274:052a7b1d40e5 NGINX_0_5_7
nginx 0.5.7
*) Feature: the ssl_session_cache storage optimization.
*) Bugfixes in the "ssl_session_cache" and "limit_zone" directives.
*) Bugfix: the segmentation fault was occurred on start or while
reconfiguration if the "ssl_session_cache" or "limit_zone"
directives were used on 64-bit platforms.
*) Bugfix: a segmentation fault occurred if the "add_before_body" or
"add_after_body" directives were used and there was no
"Content-Type" header line in response.
*) Bugfix: the OpenSSL library was always built with the threads
support.
Thanks to Den Ivanov.
*) Bugfix: the PCRE-6.5+ library and the icc compiler compatibility.
author | Igor Sysoev <http://sysoev.ru> |
---|---|
date | Mon, 15 Jan 2007 00:00:00 +0300 |
parents | 29a6403156b0 |
children | c5c2b2883984 |
comparison
equal
deleted
inserted
replaced
273:60df8db42ffb | 274:052a7b1d40e5 |
---|---|
30 static ngx_ssl_session_t *ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn, | 30 static ngx_ssl_session_t *ngx_ssl_get_cached_session(ngx_ssl_conn_t *ssl_conn, |
31 u_char *id, int len, int *copy); | 31 u_char *id, int len, int *copy); |
32 static void ngx_ssl_remove_session(SSL_CTX *ssl, ngx_ssl_session_t *sess); | 32 static void ngx_ssl_remove_session(SSL_CTX *ssl, ngx_ssl_session_t *sess); |
33 static void ngx_ssl_expire_sessions(ngx_ssl_session_cache_t *cache, | 33 static void ngx_ssl_expire_sessions(ngx_ssl_session_cache_t *cache, |
34 ngx_slab_pool_t *shpool, ngx_uint_t n); | 34 ngx_slab_pool_t *shpool, ngx_uint_t n); |
35 static void ngx_ssl_session_rbtree_insert_value(ngx_rbtree_node_t *temp, | |
36 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel); | |
35 | 37 |
36 static void *ngx_openssl_create_conf(ngx_cycle_t *cycle); | 38 static void *ngx_openssl_create_conf(ngx_cycle_t *cycle); |
37 static char *ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf); | 39 static char *ngx_openssl_init_conf(ngx_cycle_t *cycle, void *conf); |
38 static void ngx_openssl_exit(ngx_cycle_t *cycle); | 40 static void ngx_openssl_exit(ngx_cycle_t *cycle); |
39 | 41 |
1158 if (builtin_session_cache != NGX_SSL_NO_BUILTIN_SCACHE) { | 1160 if (builtin_session_cache != NGX_SSL_NO_BUILTIN_SCACHE) { |
1159 | 1161 |
1160 if (builtin_session_cache != NGX_SSL_DFLT_BUILTIN_SCACHE) { | 1162 if (builtin_session_cache != NGX_SSL_DFLT_BUILTIN_SCACHE) { |
1161 SSL_CTX_sess_set_cache_size(ssl->ctx, builtin_session_cache); | 1163 SSL_CTX_sess_set_cache_size(ssl->ctx, builtin_session_cache); |
1162 } | 1164 } |
1163 | 1165 } |
1164 SSL_CTX_set_timeout(ssl->ctx, timeout); | 1166 |
1165 } | 1167 SSL_CTX_set_timeout(ssl->ctx, timeout); |
1166 | 1168 |
1167 if (shm_zone) { | 1169 if (shm_zone) { |
1168 shm_zone->init = ngx_ssl_session_cache_init; | 1170 shm_zone->init = ngx_ssl_session_cache_init; |
1169 | 1171 |
1170 SSL_CTX_sess_set_new_cb(ssl->ctx, ngx_ssl_new_session); | 1172 SSL_CTX_sess_set_new_cb(ssl->ctx, ngx_ssl_new_session); |
1221 | 1223 |
1222 ngx_rbtree_sentinel_init(sentinel); | 1224 ngx_rbtree_sentinel_init(sentinel); |
1223 | 1225 |
1224 cache->session_rbtree->root = sentinel; | 1226 cache->session_rbtree->root = sentinel; |
1225 cache->session_rbtree->sentinel = sentinel; | 1227 cache->session_rbtree->sentinel = sentinel; |
1226 cache->session_rbtree->insert = ngx_rbtree_insert_value; | 1228 cache->session_rbtree->insert = ngx_ssl_session_rbtree_insert_value; |
1227 | 1229 |
1228 shm_zone->data = cache; | 1230 shm_zone->data = cache; |
1229 | 1231 |
1230 return NGX_OK; | 1232 return NGX_OK; |
1231 } | 1233 } |
1232 | 1234 |
1233 | 1235 |
1234 /* | 1236 /* |
1237 * The length of the session id is 16 bytes for SSLv2 sessions and | |
1238 * between 1 and 32 bytes for SSLv3/TLSv1, typically 32 bytes. | |
1239 * It seems that the typical length of the external ASN1 representation | |
1240 * of a session is 118 or 119 bytes for SSLv3/TSLv1. | |
1241 * | |
1242 * Thus on 32-bit platforms we allocate separately an rbtree node, | |
1243 * a session id, and an ASN1 representation, they take accordingly | |
1244 * 64, 32, and 128 bytes. | |
1245 * | |
1246 * On 64-bit platforms we allocate separately an rbtree node + session_id, | |
1247 * and an ASN1 representation, they take accordingly 128 and 128 bytes. | |
1248 * | |
1235 * OpenSSL's i2d_SSL_SESSION() and d2i_SSL_SESSION are slow, | 1249 * OpenSSL's i2d_SSL_SESSION() and d2i_SSL_SESSION are slow, |
1236 * so they are outside the code locked by shared pool mutex | 1250 * so they are outside the code locked by shared pool mutex |
1237 */ | 1251 */ |
1238 | 1252 |
1239 static int | 1253 static int |
1240 ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn, ngx_ssl_session_t *sess) | 1254 ngx_ssl_new_session(ngx_ssl_conn_t *ssl_conn, ngx_ssl_session_t *sess) |
1241 { | 1255 { |
1242 int len; | 1256 int len; |
1243 u_char *p, *id; | 1257 u_char *p, *id, *cached_sess; |
1244 uint32_t hash; | 1258 uint32_t hash; |
1245 SSL_CTX *ssl_ctx; | 1259 SSL_CTX *ssl_ctx; |
1246 ngx_time_t *tp; | 1260 ngx_time_t *tp; |
1247 ngx_shm_zone_t *shm_zone; | 1261 ngx_shm_zone_t *shm_zone; |
1248 ngx_connection_t *c; | 1262 ngx_connection_t *c; |
1249 ngx_slab_pool_t *shpool; | 1263 ngx_slab_pool_t *shpool; |
1250 ngx_ssl_sess_id_t *sess_id; | 1264 ngx_ssl_sess_id_t *sess_id; |
1251 ngx_ssl_cached_sess_t *cached_sess; | |
1252 ngx_ssl_session_cache_t *cache; | 1265 ngx_ssl_session_cache_t *cache; |
1253 u_char buf[NGX_SSL_MAX_SESSION_SIZE]; | 1266 u_char buf[NGX_SSL_MAX_SESSION_SIZE]; |
1254 | 1267 |
1255 len = i2d_SSL_SESSION(sess, NULL); | 1268 len = i2d_SSL_SESSION(sess, NULL); |
1256 | 1269 |
1274 ngx_shmtx_lock(&shpool->mutex); | 1287 ngx_shmtx_lock(&shpool->mutex); |
1275 | 1288 |
1276 /* drop one or two expired sessions */ | 1289 /* drop one or two expired sessions */ |
1277 ngx_ssl_expire_sessions(cache, shpool, 1); | 1290 ngx_ssl_expire_sessions(cache, shpool, 1); |
1278 | 1291 |
1279 cached_sess = ngx_slab_alloc_locked(shpool, | 1292 cached_sess = ngx_slab_alloc_locked(shpool, len); |
1280 offsetof(ngx_ssl_cached_sess_t, asn1) + len); | |
1281 | 1293 |
1282 if (cached_sess == NULL) { | 1294 if (cached_sess == NULL) { |
1283 | 1295 |
1284 /* drop the oldest non-expired session and try once more */ | 1296 /* drop the oldest non-expired session and try once more */ |
1285 | 1297 |
1286 ngx_ssl_expire_sessions(cache, shpool, 0); | 1298 ngx_ssl_expire_sessions(cache, shpool, 0); |
1287 | 1299 |
1288 cached_sess = ngx_slab_alloc_locked(shpool, | 1300 cached_sess = ngx_slab_alloc_locked(shpool, len); |
1289 offsetof(ngx_ssl_cached_sess_t, asn1) + len); | |
1290 | 1301 |
1291 if (cached_sess == NULL) { | 1302 if (cached_sess == NULL) { |
1292 id = NULL; | 1303 sess_id = NULL; |
1293 goto failed; | 1304 goto failed; |
1294 } | 1305 } |
1295 } | 1306 } |
1307 | |
1308 sess_id = ngx_slab_alloc_locked(shpool, sizeof(ngx_ssl_sess_id_t)); | |
1309 if (sess_id == NULL) { | |
1310 goto failed; | |
1311 } | |
1312 | |
1313 #if (NGX_PTR_SIZE == 8) | |
1314 | |
1315 id = sess_id->sess_id; | |
1316 | |
1317 #else | |
1296 | 1318 |
1297 id = ngx_slab_alloc_locked(shpool, sess->session_id_length); | 1319 id = ngx_slab_alloc_locked(shpool, sess->session_id_length); |
1298 if (id == NULL) { | 1320 if (id == NULL) { |
1299 goto failed; | 1321 goto failed; |
1300 } | 1322 } |
1301 | 1323 |
1302 sess_id = ngx_slab_alloc_locked(shpool, sizeof(ngx_ssl_sess_id_t)); | 1324 #endif |
1303 if (sess_id == NULL) { | 1325 |
1304 goto failed; | 1326 ngx_memcpy(cached_sess, buf, len); |
1305 } | |
1306 | |
1307 ngx_memcpy(&cached_sess->asn1[0], buf, len); | |
1308 | 1327 |
1309 ngx_memcpy(id, sess->session_id, sess->session_id_length); | 1328 ngx_memcpy(id, sess->session_id, sess->session_id_length); |
1310 | 1329 |
1311 hash = ngx_crc32_short(sess->session_id, sess->session_id_length); | 1330 hash = ngx_crc32_short(sess->session_id, sess->session_id_length); |
1312 | 1331 |
1313 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1332 ngx_log_debug3(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1314 "http ssl new session: %08XD:%d:%d", | 1333 "http ssl new session: %08XD:%d:%d", |
1315 hash, sess->session_id_length, len); | 1334 hash, sess->session_id_length, len); |
1335 | |
1336 tp = ngx_timeofday(); | |
1316 | 1337 |
1317 sess_id->node.key = hash; | 1338 sess_id->node.key = hash; |
1318 sess_id->node.data = (u_char) sess->session_id_length; | 1339 sess_id->node.data = (u_char) sess->session_id_length; |
1319 sess_id->id = id; | 1340 sess_id->id = id; |
1320 sess_id->len = len; | 1341 sess_id->len = len; |
1321 sess_id->session = cached_sess; | 1342 sess_id->session = cached_sess; |
1322 | 1343 |
1323 tp = ngx_timeofday(); | 1344 sess_id->expire = tp->sec + SSL_CTX_get_timeout(ssl_ctx); |
1324 | 1345 |
1325 cached_sess->expire = tp->sec + SSL_CTX_get_timeout(ssl_ctx); | 1346 sess_id->next = cache->session_cache_head.next; |
1326 cached_sess->sess_id = sess_id; | 1347 sess_id->next->prev = sess_id; |
1327 | 1348 sess_id->prev = &cache->session_cache_head; |
1328 cached_sess->next = cache->session_cache_head.next; | 1349 cache->session_cache_head.next = sess_id; |
1329 cached_sess->next->prev = cached_sess; | |
1330 cached_sess->prev = &cache->session_cache_head; | |
1331 cache->session_cache_head.next = cached_sess; | |
1332 | 1350 |
1333 ngx_rbtree_insert(cache->session_rbtree, &sess_id->node); | 1351 ngx_rbtree_insert(cache->session_rbtree, &sess_id->node); |
1334 | 1352 |
1335 ngx_shmtx_unlock(&shpool->mutex); | 1353 ngx_shmtx_unlock(&shpool->mutex); |
1336 | 1354 |
1340 | 1358 |
1341 if (cached_sess) { | 1359 if (cached_sess) { |
1342 ngx_slab_free_locked(shpool, cached_sess); | 1360 ngx_slab_free_locked(shpool, cached_sess); |
1343 } | 1361 } |
1344 | 1362 |
1345 if (id) { | 1363 if (sess_id) { |
1346 ngx_slab_free_locked(shpool, id); | 1364 ngx_slab_free_locked(shpool, sess_id); |
1347 } | 1365 } |
1348 | 1366 |
1349 ngx_shmtx_unlock(&shpool->mutex); | 1367 ngx_shmtx_unlock(&shpool->mutex); |
1350 | 1368 |
1351 ngx_log_error(NGX_LOG_ALERT, c->log, 0, | 1369 ngx_log_error(NGX_LOG_ALERT, c->log, 0, |
1362 #if OPENSSL_VERSION_NUMBER >= 0x0090707fL | 1380 #if OPENSSL_VERSION_NUMBER >= 0x0090707fL |
1363 const | 1381 const |
1364 #endif | 1382 #endif |
1365 u_char *p; | 1383 u_char *p; |
1366 uint32_t hash; | 1384 uint32_t hash; |
1385 ngx_int_t rc; | |
1367 ngx_time_t *tp; | 1386 ngx_time_t *tp; |
1368 ngx_shm_zone_t *shm_zone; | 1387 ngx_shm_zone_t *shm_zone; |
1369 ngx_slab_pool_t *shpool; | 1388 ngx_slab_pool_t *shpool; |
1370 ngx_connection_t *c; | 1389 ngx_connection_t *c; |
1371 ngx_rbtree_node_t *node, *sentinel; | 1390 ngx_rbtree_node_t *node, *sentinel; |
1372 ngx_ssl_session_t *sess; | 1391 ngx_ssl_session_t *sess; |
1373 ngx_ssl_sess_id_t *sess_id; | 1392 ngx_ssl_sess_id_t *sess_id; |
1374 ngx_ssl_cached_sess_t *cached_sess; | |
1375 ngx_ssl_session_cache_t *cache; | 1393 ngx_ssl_session_cache_t *cache; |
1376 u_char buf[NGX_SSL_MAX_SESSION_SIZE]; | 1394 u_char buf[NGX_SSL_MAX_SESSION_SIZE]; |
1377 | 1395 |
1378 c = ngx_ssl_get_connection(ssl_conn); | 1396 c = ngx_ssl_get_connection(ssl_conn); |
1379 | 1397 |
1380 hash = ngx_crc32_short(id, len); | 1398 hash = ngx_crc32_short(id, (size_t) len); |
1381 *copy = 0; | 1399 *copy = 0; |
1382 | 1400 |
1383 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, | 1401 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, c->log, 0, |
1384 "http ssl get session: %08XD:%d", hash, len); | 1402 "http ssl get session: %08XD:%d", hash, len); |
1385 | 1403 |
1411 if (hash > node->key) { | 1429 if (hash > node->key) { |
1412 node = node->right; | 1430 node = node->right; |
1413 continue; | 1431 continue; |
1414 } | 1432 } |
1415 | 1433 |
1416 if (hash == node->key && (u_char) len == node->data) { | 1434 /* hash == node->key */ |
1435 | |
1436 do { | |
1417 sess_id = (ngx_ssl_sess_id_t *) node; | 1437 sess_id = (ngx_ssl_sess_id_t *) node; |
1418 | 1438 |
1419 if (ngx_strncmp(id, sess_id->id, len) == 0) { | 1439 rc = ngx_memn2cmp(id, sess_id->id, |
1420 | 1440 (size_t) len, (size_t) node->data); |
1421 cached_sess = sess_id->session; | 1441 if (rc == 0) { |
1422 | 1442 |
1423 tp = ngx_timeofday(); | 1443 tp = ngx_timeofday(); |
1424 | 1444 |
1425 if (cached_sess->expire > tp->sec) { | 1445 if (sess_id->expire > tp->sec) { |
1426 ngx_memcpy(buf, &cached_sess->asn1[0], sess_id->len); | 1446 ngx_memcpy(buf, sess_id->session, sess_id->len); |
1427 | 1447 |
1428 ngx_shmtx_unlock(&shpool->mutex); | 1448 ngx_shmtx_unlock(&shpool->mutex); |
1429 | 1449 |
1430 p = buf; | 1450 p = buf; |
1431 sess = d2i_SSL_SESSION(NULL, &p, sess_id->len); | 1451 sess = d2i_SSL_SESSION(NULL, &p, sess_id->len); |
1432 | 1452 |
1433 return sess; | 1453 return sess; |
1434 } | 1454 } |
1435 | 1455 |
1436 cached_sess->next->prev = cached_sess->prev; | 1456 sess_id->next->prev = sess_id->prev; |
1437 cached_sess->prev->next = cached_sess->next; | 1457 sess_id->prev->next = sess_id->next; |
1438 | 1458 |
1439 ngx_rbtree_delete(cache->session_rbtree, node); | 1459 ngx_rbtree_delete(cache->session_rbtree, node); |
1440 | 1460 |
1441 ngx_slab_free_locked(shpool, cached_sess); | 1461 ngx_slab_free_locked(shpool, sess_id->session); |
1462 #if (NGX_PTR_SIZE == 4) | |
1442 ngx_slab_free_locked(shpool, sess_id->id); | 1463 ngx_slab_free_locked(shpool, sess_id->id); |
1464 #endif | |
1443 ngx_slab_free_locked(shpool, sess_id); | 1465 ngx_slab_free_locked(shpool, sess_id); |
1444 | 1466 |
1445 sess = NULL; | 1467 sess = NULL; |
1446 | 1468 |
1447 break; | 1469 goto done; |
1448 } | 1470 } |
1449 } | 1471 |
1450 | 1472 node = (rc < 0) ? node->left : node->right; |
1451 node = node->right; | 1473 |
1452 } | 1474 } while (node != sentinel && hash == node->key); |
1475 | |
1476 break; | |
1477 } | |
1478 | |
1479 done: | |
1453 | 1480 |
1454 ngx_shmtx_unlock(&shpool->mutex); | 1481 ngx_shmtx_unlock(&shpool->mutex); |
1455 | 1482 |
1456 return sess; | 1483 return sess; |
1457 } | 1484 } |
1458 | 1485 |
1459 | 1486 |
1460 static void | 1487 static void |
1461 ngx_ssl_remove_session(SSL_CTX *ssl, ngx_ssl_session_t *sess) | 1488 ngx_ssl_remove_session(SSL_CTX *ssl, ngx_ssl_session_t *sess) |
1462 { | 1489 { |
1463 u_char *id, len; | 1490 size_t len; |
1491 u_char *id; | |
1464 uint32_t hash; | 1492 uint32_t hash; |
1493 ngx_int_t rc; | |
1465 ngx_shm_zone_t *shm_zone; | 1494 ngx_shm_zone_t *shm_zone; |
1466 ngx_slab_pool_t *shpool; | 1495 ngx_slab_pool_t *shpool; |
1467 ngx_rbtree_node_t *node, *sentinel; | 1496 ngx_rbtree_node_t *node, *sentinel; |
1468 ngx_ssl_sess_id_t *sess_id; | 1497 ngx_ssl_sess_id_t *sess_id; |
1469 ngx_ssl_cached_sess_t *cached_sess; | |
1470 ngx_ssl_session_cache_t *cache; | 1498 ngx_ssl_session_cache_t *cache; |
1471 | 1499 |
1472 shm_zone = SSL_CTX_get_ex_data(ssl, ngx_ssl_session_cache_index); | 1500 shm_zone = SSL_CTX_get_ex_data(ssl, ngx_ssl_session_cache_index); |
1473 | 1501 |
1474 cache = shm_zone->data; | 1502 cache = shm_zone->data; |
1475 | 1503 |
1476 id = sess->session_id; | 1504 id = sess->session_id; |
1477 len = (u_char) sess->session_id_length; | 1505 len = (size_t) sess->session_id_length; |
1478 | 1506 |
1479 hash = ngx_crc32_short(id, (size_t) len); | 1507 hash = ngx_crc32_short(id, len); |
1480 | 1508 |
1481 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, | 1509 ngx_log_debug2(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, |
1482 "http ssl remove session: %08XD:%d", hash, len); | 1510 "http ssl remove session: %08XD:%uz", hash, len); |
1483 | 1511 |
1484 shpool = (ngx_slab_pool_t *) shm_zone->shm.addr; | 1512 shpool = (ngx_slab_pool_t *) shm_zone->shm.addr; |
1485 | 1513 |
1486 ngx_shmtx_lock(&shpool->mutex); | 1514 ngx_shmtx_lock(&shpool->mutex); |
1487 | 1515 |
1498 if (hash > node->key) { | 1526 if (hash > node->key) { |
1499 node = node->right; | 1527 node = node->right; |
1500 continue; | 1528 continue; |
1501 } | 1529 } |
1502 | 1530 |
1503 if (hash == node->key && len == node->data) { | 1531 /* hash == node->key */ |
1532 | |
1533 do { | |
1504 sess_id = (ngx_ssl_sess_id_t *) node; | 1534 sess_id = (ngx_ssl_sess_id_t *) node; |
1505 | 1535 |
1506 if (ngx_strncmp(id, sess_id->id, (size_t) len) == 0) { | 1536 rc = ngx_memn2cmp(id, sess_id->id, len, (size_t) node->data); |
1507 | 1537 |
1508 cached_sess = sess_id->session; | 1538 if (rc == 0) { |
1509 | 1539 sess_id->next->prev = sess_id->prev; |
1510 cached_sess->next->prev = cached_sess->prev; | 1540 sess_id->prev->next = sess_id->next; |
1511 cached_sess->prev->next = cached_sess->next; | |
1512 | 1541 |
1513 ngx_rbtree_delete(cache->session_rbtree, node); | 1542 ngx_rbtree_delete(cache->session_rbtree, node); |
1514 | 1543 |
1515 ngx_slab_free_locked(shpool, cached_sess); | 1544 ngx_slab_free_locked(shpool, sess_id->session); |
1545 #if (NGX_PTR_SIZE == 4) | |
1516 ngx_slab_free_locked(shpool, sess_id->id); | 1546 ngx_slab_free_locked(shpool, sess_id->id); |
1547 #endif | |
1517 ngx_slab_free_locked(shpool, sess_id); | 1548 ngx_slab_free_locked(shpool, sess_id); |
1518 | 1549 |
1519 break; | 1550 goto done; |
1520 } | 1551 } |
1521 } | 1552 |
1522 | 1553 node = (rc < 0) ? node->left : node->right; |
1523 node = node->right; | 1554 |
1524 } | 1555 } while (node != sentinel && hash == node->key); |
1556 | |
1557 break; | |
1558 } | |
1559 | |
1560 done: | |
1525 | 1561 |
1526 ngx_shmtx_unlock(&shpool->mutex); | 1562 ngx_shmtx_unlock(&shpool->mutex); |
1527 } | 1563 } |
1528 | 1564 |
1529 | 1565 |
1530 static void | 1566 static void |
1531 ngx_ssl_expire_sessions(ngx_ssl_session_cache_t *cache, | 1567 ngx_ssl_expire_sessions(ngx_ssl_session_cache_t *cache, |
1532 ngx_slab_pool_t *shpool, ngx_uint_t n) | 1568 ngx_slab_pool_t *shpool, ngx_uint_t n) |
1533 { | 1569 { |
1534 ngx_time_t *tp; | 1570 ngx_time_t *tp; |
1535 ngx_ssl_sess_id_t *sess_id; | 1571 ngx_ssl_sess_id_t *sess_id; |
1536 ngx_ssl_cached_sess_t *sess; | |
1537 | 1572 |
1538 tp = ngx_timeofday(); | 1573 tp = ngx_timeofday(); |
1539 | 1574 |
1540 while (n < 3) { | 1575 while (n < 3) { |
1541 | 1576 |
1542 sess = cache->session_cache_tail.prev; | 1577 sess_id = cache->session_cache_tail.prev; |
1543 | 1578 |
1544 if (sess == &cache->session_cache_head) { | 1579 if (sess_id == &cache->session_cache_head) { |
1545 return; | 1580 return; |
1546 } | 1581 } |
1547 | 1582 |
1548 if (n++ != 0 && sess->expire > tp->sec) { | 1583 if (n++ != 0 && sess_id->expire > tp->sec) { |
1549 break; | 1584 break; |
1550 } | 1585 } |
1551 | 1586 |
1552 sess->next->prev = sess->prev; | 1587 sess_id->next->prev = sess_id->prev; |
1553 sess->prev->next = sess->next; | 1588 sess_id->prev->next = sess_id->next; |
1554 | |
1555 sess_id = sess->sess_id; | |
1556 | 1589 |
1557 ngx_rbtree_delete(cache->session_rbtree, &sess_id->node); | 1590 ngx_rbtree_delete(cache->session_rbtree, &sess_id->node); |
1558 | 1591 |
1559 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, | 1592 ngx_log_debug1(NGX_LOG_DEBUG_EVENT, ngx_cycle->log, 0, |
1560 "expire session: %08Xi", sess_id->node.key); | 1593 "expire session: %08Xi", sess_id->node.key); |
1561 | 1594 |
1562 ngx_slab_free_locked(shpool, sess); | 1595 ngx_slab_free_locked(shpool, sess_id->session); |
1596 #if (NGX_PTR_SIZE == 4) | |
1563 ngx_slab_free_locked(shpool, sess_id->id); | 1597 ngx_slab_free_locked(shpool, sess_id->id); |
1598 #endif | |
1564 ngx_slab_free_locked(shpool, sess_id); | 1599 ngx_slab_free_locked(shpool, sess_id); |
1565 } | 1600 } |
1566 } | 1601 } |
1602 | |
1603 | |
1604 static void | |
1605 ngx_ssl_session_rbtree_insert_value(ngx_rbtree_node_t *temp, | |
1606 ngx_rbtree_node_t *node, ngx_rbtree_node_t *sentinel) | |
1607 { | |
1608 ngx_ssl_sess_id_t *sess_id, *sess_id_temp; | |
1609 | |
1610 for ( ;; ) { | |
1611 | |
1612 if (node->key < temp->key) { | |
1613 | |
1614 if (temp->left == sentinel) { | |
1615 temp->left = node; | |
1616 break; | |
1617 } | |
1618 | |
1619 temp = temp->left; | |
1620 | |
1621 } else if (node->key > temp->key) { | |
1622 | |
1623 if (temp->right == sentinel) { | |
1624 temp->right = node; | |
1625 break; | |
1626 } | |
1627 | |
1628 temp = temp->right; | |
1629 | |
1630 } else { /* node->key == temp->key */ | |
1631 | |
1632 sess_id = (ngx_ssl_sess_id_t *) node; | |
1633 sess_id_temp = (ngx_ssl_sess_id_t *) temp; | |
1634 | |
1635 if (ngx_memn2cmp(sess_id->id, sess_id_temp->id, | |
1636 (size_t) node->data, (size_t) temp->data) | |
1637 < 0) | |
1638 { | |
1639 if (temp->left == sentinel) { | |
1640 temp->left = node; | |
1641 break; | |
1642 } | |
1643 | |
1644 temp = temp->left; | |
1645 | |
1646 } else { | |
1647 | |
1648 if (temp->right == sentinel) { | |
1649 temp->right = node; | |
1650 break; | |
1651 } | |
1652 | |
1653 temp = temp->right; | |
1654 } | |
1655 } | |
1656 } | |
1657 | |
1658 node->parent = temp; | |
1659 node->left = sentinel; | |
1660 node->right = sentinel; | |
1661 ngx_rbt_red(node); | |
1662 } | |
1567 | 1663 |
1568 | 1664 |
1569 void | 1665 void |
1570 ngx_ssl_cleanup_ctx(void *data) | 1666 ngx_ssl_cleanup_ctx(void *data) |
1571 { | 1667 { |